/** {@inheritDoc} */
public boolean verifyServerHostKey(
String hostname, int port, String serverHostKeyAlgorithm, byte[] serverHostKey)
throws Exception {
try {
final int result = database.verifyHostkey(hostname, serverHostKeyAlgorithm, serverHostKey);
final boolean isNew;
switch (result) {
case KnownHosts.HOSTKEY_IS_OK:
return true;
case KnownHosts.HOSTKEY_IS_NEW:
isNew = true;
break;
case KnownHosts.HOSTKEY_HAS_CHANGED:
isNew = false;
break;
default:
throw new IllegalStateException("Unknown verification result: " + result);
}
String fingerprint = KnownHosts.createHexFingerprint(serverHostKeyAlgorithm, serverHostKey);
boolean keyCheck =
myXmlRpcClient.verifyServerHostKey(
myHandlerNo, hostname, port, serverHostKeyAlgorithm, fingerprint, isNew);
if (keyCheck) {
String hashedHostname = KnownHosts.createHashedHostname(hostname);
// Add the host key to the in-memory database
database.addHostkey(new String[] {hashedHostname}, serverHostKeyAlgorithm, serverHostKey);
// Also try to add the key to a known_host file
try {
KnownHosts.addHostkeyToFile(
new File(knownHostPath),
new String[] {hashedHostname},
serverHostKeyAlgorithm,
serverHostKey);
} catch (IOException ignore) {
// TODO log text
}
return true;
} else {
System.err.println(
GitBundle.message("sshmain.invald.host.key", serverHostKeyAlgorithm, fingerprint));
return false;
}
} catch (Throwable t) {
System.err.println(GitBundle.message("sshmain.failed.to.verify.key", t.getMessage()));
t.printStackTrace();
return false;
}
}
/**
* Configure known host database for connection
*
* @param c a connection
* @throws IOException if there is a IO problem
*/
private void configureKnownHosts(Connection c) throws IOException {
File knownHostFile = new File(knownHostPath);
if (knownHostFile.exists()) {
database.addHostkeys(knownHostFile);
}
final List<String> algorithms = myHost.getHostKeyAlgorithms();
c.setServerHostKeyAlgorithms(algorithms.toArray(new String[algorithms.size()]));
}
/**
* Build list of known hosts for Trilead library.
*
* @return
*/
public KnownHosts getKnownHosts() {
KnownHosts known = new KnownHosts();
synchronized (dbLock) {
SQLiteDatabase db = this.getReadableDatabase();
Cursor c =
db.query(
TABLE_HOSTS,
new String[] {
FIELD_HOST_HOSTNAME, FIELD_HOST_PORT, FIELD_HOST_HOSTKEYALGO, FIELD_HOST_HOSTKEY
},
null,
null,
null,
null,
null);
if (c != null) {
int COL_HOSTNAME = c.getColumnIndexOrThrow(FIELD_HOST_HOSTNAME),
COL_PORT = c.getColumnIndexOrThrow(FIELD_HOST_PORT),
COL_HOSTKEYALGO = c.getColumnIndexOrThrow(FIELD_HOST_HOSTKEYALGO),
COL_HOSTKEY = c.getColumnIndexOrThrow(FIELD_HOST_HOSTKEY);
while (c.moveToNext()) {
String hostname = c.getString(COL_HOSTNAME), hostkeyalgo = c.getString(COL_HOSTKEYALGO);
int port = c.getInt(COL_PORT);
byte[] hostkey = c.getBlob(COL_HOSTKEY);
if (hostkeyalgo == null || hostkeyalgo.length() == 0) continue;
if (hostkey == null || hostkey.length == 0) continue;
try {
known.addHostkey(
new String[] {String.format("%s:%d", hostname, port)}, hostkeyalgo, hostkey);
} catch (Exception e) {
Log.e(TAG, "Problem while adding a known host from database", e);
}
}
c.close();
}
}
return known;
}
@Override
public boolean verifyServerHostKey(
String hostname, int port, String serverHostKeyAlgorithm, byte[] serverHostKey)
throws Exception {
String fingerPrint = KnownHosts.createHexFingerprint(serverHostKeyAlgorithm, serverHostKey);
int fingerPrintStatus = Constraints.FINGER_PRINT_CHANGED;
if (profile.getFingerPrintType() == null || profile.getFingerPrintType().equals("")) {
fingerPrintStatus = Constraints.FINGER_PRINT_INIITIALIZE;
reason = getString(R.string.finger_print_unknown);
} else {
if (profile.getFingerPrintType().equals(serverHostKeyAlgorithm)
&& profile.getFingerPrint() != null
&& profile.getFingerPrint().equals(fingerPrint)) {
return true;
} else {
fingerPrintStatus = Constraints.FINGER_PRINT_CHANGED;
reason = getString(R.string.finger_print_mismatch);
}
}
Log.d(TAG, "Finger Print: " + profile.getFingerPrint());
Log.d(TAG, "Finger Print Type: " + profile.getFingerPrintType());
Bundle bundle = new Bundle();
bundle.putInt(Constraints.ID, profile.getId());
bundle.putInt(Constraints.FINGER_PRINT_STATUS, fingerPrintStatus);
bundle.putString(Constraints.FINGER_PRINT, fingerPrint);
bundle.putString(Constraints.FINGER_PRINT_TYPE, serverHostKeyAlgorithm);
Message msg = new Message();
msg.setData(bundle);
hostKeyHandler.sendMessage(msg);
synchronized (fingerPrintLock) {
fingerPrintLock.wait();
}
return fingerPrintChecker;
}